spawn

vrr/spawn

mirror of https://github.com/OpenRouterTeam/spawn.git synced 2026-05-19 08:01:17 +00:00

History

A 88c1f37d7e fix(security): add upper bound to base64 scrub regex to prevent ReDoS (#3251 ) Fixes #3250 The unbounded quantifier {40,} with word boundary \b caused exponential backtracking on long non-matching strings. Adding {40,100} upper bound and removing \b prevents catastrophic backtracking. Agent: security-auditor Co-authored-by: B <6723574+louisgv@users.noreply.github.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>	2026-04-10 10:16:34 +07:00
..
cli	fix(security): add upper bound to base64 scrub regex to prevent ReDoS (#3251 )	2026-04-10 10:16:34 +07:00
shared	fix: rethrow normalized Error in tryCatchIf/asyncTryCatchIf (#2930 )	2026-03-23 19:33:05 -07:00

fix(security): add upper bound to base64 scrub regex to prevent ReDoS (#3251 )

Fixes #3250

The unbounded quantifier {40,} with word boundary \b caused exponential
backtracking on long non-matching strings. Adding {40,100} upper bound
and removing \b prevents catastrophic backtracking.

Agent: security-auditor

Co-authored-by: B <6723574+louisgv@users.noreply.github.com>
Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>

2026-04-10 10:16:34 +07:00

cli

fix(security): add upper bound to base64 scrub regex to prevent ReDoS (#3251 )

2026-04-10 10:16:34 +07:00

shared

fix: rethrow normalized Error in tryCatchIf/asyncTryCatchIf (#2930 )

2026-03-23 19:33:05 -07:00